User-Driven Access Control: Rethinking Permission ... - CiteSeerX

Extrait du fichier (au format texte) :

User-Driven Access Control:
Rethinking Permission Granting in Modern Operating Systems
Franziska Roesner, Tadayoshi Kohno
{franzi, yoshi}@cs.washington.edu
University of Washington

Alexander Moshchuk, Bryan Parno, Helen J. Wang
{alexmos, parno, helenw}@microsoft.com
Microsoft Research, Redmond

Crispin Cowan crispin@microsoft.com
Microsoft
Abstract

tionality and security for access to the user s data and resources. From a functionality standpoint, isolation inhibits the client-side manipulation of user data across arbitrary applications. For example, the isolation of web sites makes it difficult to share photos between two online providers
(e.g., Picasa and Flickr) without manually downloading and re-uploading them. (While two such applications can prenegotiate data exchanges through IPC channels or other APIs,
requiring every pair of applications used by a user to prenegotiate is inefficient or impossible.) From a security standpoint, existing access control mechanisms tend to be coarsegrained, abrasive, or inadequate. For instance, they require users to make out-of-context, uninformed decisions at install time via manifests [3, 6], or they unintelligently prompt users to determine their intent [5, 20].
Thus, a pressing open problem in these systems is how to allow users to grant applications access to user-owned resources spanning different isolation boundaries, defined as privacy-and cost-sensitive devices and sensors (such as the camera, GPS, or SMS capabilities), system services and settings (such as the contact list or clipboard), and user content stored with various applications (such as photos or documents). To address this problem, we propose user-driven access control, whereby the system captures user intent via authentic user actions in the context of applications.
In particular, we introduce access control gadgets (ACGs)
as an operating system technique to capture user intent. Each user-owned resource exposes UI elements called ACGs for applications to embed. The user s authentic UI interactions with an ACG grant the embedding application permission to access the corresponding resource. Our design ensures the display integrity of ACGs, resists tampering by malicious applications, and allows the system to translate authentic user input on the ACGs into permissions.
The ACG mechanism enables a permission granting system that minimizes unintended access by letting users grant permissions at the time of use (unlike the manifest model)
and minimizes the burden on users by implicitly extracting a

Modern client platforms, such as iOS, Android, Windows
Phone, Windows 8, and web browsers, run each application in an isolated environment with limited privileges. A pressing open problem in such systems is how to allow users to grant applications access to user-owned resources, e.g., to privacyand cost-sensitive devices like the camera or to user data residing in other applications. A key challenge is to enable such access in a way that is non-disruptive to users while still maintaining least-privilege restrictions on applications.
In this paper, we take the approach of user-driven access control, whereby permission granting is built into existing

Les promotions



A Large-Scale Study of the Evolution of Web Pages - Microsoft
A Large-Scale Study of the Evolution of Web Pages - Microsoft
23/08/2018 - www.microsoft.com
A Large-Scale Study of the Evolution of Web Pages Dennis Fetterly Hewlett Packard Labs 1501 Page Mill Road Palo Alto, CA 94304 dennis.fetterly@hp.com Mark Manasse Marc Najork Microsoft Research Microsoft Research 1065 La Avenida 1065 La Avenida Mountain View, CA 94043 Mountain View, CA 94043 manasse@microsoft.com najork@microsoft.com Janet Wiener Hewlett Packard Labs 1501 Page Mill Road Palo Alto, CA 94304 janet.wiener@hp.com ABSTRACT 1. INTRODUCTION How fast does the web change? Does most of th

DictaNum : système de dialogue incrémental pour la dictée ... - Microsoft
DictaNum : système de dialogue incrémental pour la dictée ... - Microsoft
23/11/2017 - www.microsoft.com
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/262881756 DictaNum : système de dialogue incrémental pour la dictée de numéros. Conference Paper · July 2014 CITATIONS READS 0 57 3 authors, including: Hatim Khouzaimi Romain Laroche Orange Labs / Laboratoire Informatique d'Avi & Microsoft Maluuba 12 PUBLICATIONS 42 CITATIONS 58 PUBLICATIONS 185 CITATIONS SEE PROFILE SEE PROFILE All content following this page was uploaded by H

MatrixExplorer: Un système pour l'analyse exploratoire de ... - Microsoft
MatrixExplorer: Un système pour l'analyse exploratoire de ... - Microsoft
22/05/2017 - www.microsoft.com
MatrixExplorer: Un système pour l analyse exploratoire de réseaux sociaux Nathalie Henry Jean-Daniel Fekete INRIA Futurs/LRI/University of Sydney Bât 490, Université Paris-Sud 91405 Orsay Cedex Nathalie.Henry@lri.fr INRIA Futurs/LRI Bât 490, Université Paris-Sud 91405 Orsay Cedex Jean-Daniel.Fekete@inria.fr RESUME ABSTRACT Dans cet article, nous présentons le système MatrixExplorer destiné à explorer des réseaux sociaux. Il a été conçu pour des chercheurs en sciences sociales  sociologues et h

Vers une approche simplifiée pour introduire le caractère ... - Microsoft
Vers une approche simplifiée pour introduire le caractère ... - Microsoft
23/11/2017 - www.microsoft.com
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/262881208 Vers une approche simplifiée pour introduire le caractère incrémental dans les systèmes de dialogue Conference Paper · July 2014 CITATION READS 1 26 3 authors, including: Hatim Khouzaimi Romain Laroche Orange Labs / Laboratoire Informatique d'Avi & Microsoft Maluuba 12 PUBLICATIONS 42 CITATIONS 58 PUBLICATIONS 185 CITATIONS SEE PROFILE All content following this page

User-Driven Access Control: Rethinking Permission ... - CiteSeerX
User-Driven Access Control: Rethinking Permission ... - CiteSeerX
23/08/2018 - www.microsoft.com
User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems Franziska Roesner, Tadayoshi Kohno {franzi, yoshi}@cs.washington.edu University of Washington Alexander Moshchuk, Bryan Parno, Helen J. Wang {alexmos, parno, helenw}@microsoft.com Microsoft Research, Redmond Crispin Cowan crispin@microsoft.com Microsoft Abstract tionality and security for access to the user s data and resources. From a functionality standpoint, isolation inhibits the client-side manipulation

Architectures reconfigurables et traitement de proble`mes ... - Microsoft
Architectures reconfigurables et traitement de proble`mes ... - Microsoft
16/11/2016 - www.microsoft.com
RECHERCHE Architectures reconfigurables et traitement de proble`mes NP-difficiles : un nouveau domaine d application Youssef Hamadi  David Merceron ' ' LIRMM, UMR 5506 CNRS/Universite´ Montpellier II 161, Rue Ada, 34392 Montpellier Cedex 5 hamadi@lirmm.fr ''' EURIWARE, 12-14 rue du fort de St-Cyr 78067 St Quentin-en-Yvelines Cedex damercer@euriware.fr RE´SUME´. L algorithme GSAT est un algorithme de recherche locale. Cette me´thode recherche la premie`re instanciation satisfaisable de fo

1 Introduction - Microsoft
1 Introduction - Microsoft
11/04/2018 - www.microsoft.com
One-Way Accumulators: A Decentralized Alternative to Digital Signatures (Extended Abstract) Josh Benaloh Clarkson University Michael de Mare Giordano Automation Abstract This paper describes a simple candidate one-way hash function which satis es a quasi-commutative property that allows it to be used as an accumulator. This property allows protocols to be developed in which the need for a trusted central authority can be eliminated. Space-e cient distributed protocols are given for document time

D6. 4: Final evaluation of CLASSiC TownInfo and ... - Microsoft
D6. 4: Final evaluation of CLASSiC TownInfo and ... - Microsoft
23/11/2017 - www.microsoft.com
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/228835240 D6. 4: Final evaluation of CLASSiC TownInfo and Appointment Scheduling systems Article · May 2011 CITATIONS READS 15 56 11 authors, including: Helen Hastie Filip Jurcicek Heriot-Watt University Charles University in Prague 105 PUBLICATIONS 858 CITATIONS 55 PUBLICATIONS 439 CITATIONS SEE PROFILE SEE PROFILE Oliver Joseph Lemon Steve Young Heriot-Watt University Univers

Fiche produit Sony : 81/1237480409181.pdf
Fiche produit Sony : 81/1237480409181.pdf
16/02/2012 - www.sony.fr
11 15 février 20 2 janvier au Du 1 s sur remboursé 0 Jusqu'à 20 de produits on une sélecti Offre SONY PROLONGE LES FÊTES Modalités de l'offre Offre valable du 12 janvier au 15 février 2011 inclus dans les magasins participants* pour tout achat d'un produit Sony(1) porteur de l'offre. (1) Offre valable sur les références : · 50 remboursés sur : Téléviseurs : toutes les références de TV 32" et 37" · 100 remboursés sur : Téléviseurs : toutes les références de TV 40" et plus Appareils photo à objec

Logitech® Dual Action™ Gamepad
Logitech® Dual Action™ Gamepad
05/12/2014 - www.logitech.com
Logitech® Dual Action!" Gamepad Dual Analog Sticks " Mac " PC " USB Demand more control and get it... with the Logitech® Dual Action!" Pad. This gamepad offers intense precision, unparalleled versatility, superior comfort, and maximum control in all styles of games. The Logitech® Dual Action!" Gamepad... it's the ultimate precision instrument, whether you're going for the tackle, the kill, the gold, or the finish line. The comfortable grip keeps you at the top of your game for hours of play, and

BOXBOY! 1 Informations importantes Pour commencer 2 Partage d ...
BOXBOY! 1 Informations importantes Pour commencer 2 Partage d ...
15/08/2019 - www.nintendo.com
BOXBOY! 1 Informations importantes Pour commencer 2 Partage d-informations 3 Fonctions en ligne 4 Avis aux parents et tuteurs Informations 5 Sauvegarder et effacer Comment jouer 6 Les niveaux 7 La carte du monde 8 La boutique 9 Envoi de la demo Depannage 10 Assistance 1 Informations importantes Veuillez lire ce mode d-emploi attentivement avant d-utiliser ce

Lave-linge - Fiche Produit Selon le règlement délégué (UE) N° 1061 ...
Lave-linge - Fiche Produit Selon le règlement délégué (UE) N° 1061 ...
03/04/2018 - www.brandt.fr
Lave-linge - Fiche Produit Selon le règlement délégué (UE) N° 1061/2010 Marque BRANDT Référence commerciale BT652M 6.5 kg Capacité nominale Classe d'efficacité énergétique Consommation d'énergie de A+++ 164 kWh/an Sur la base de 220 cycles de lavage standard par an pour les programmes coton à 60°C et à 40°C à pleine charge et à demi-charge et de la consommation des modes à faible puissance. La consommation réelle d'énergie dépend des conditions d'utilisation de l'appareil. Consommation d énergi

Laser Mouse - Logitech
Laser Mouse - Logitech
05/12/2014 - www.logitech.com
Introduction When Doug Engelbart introduced the first mouse in 1968, a new industry was born. Throughout the years since then, Logitech has been at the forefront of innovation in mouse technologies. Now, Logitech with its technology partner Agilent Technologies does it again with the world s first mouse to employ the precision and tracking ability of a laser: Logitech MX!"1000 Cordless Laser Mouse. Though that original mouse was sophisticated for its time and embraced by forward thinkers, it wa

LG Design Leadership With 14 International Awards
LG Design Leadership With 14 International Awards
19/02/2012 - www.lg.com
www.lge.com LG conforte son leadership dans le design avec 14 prix internationaux Villepinte, France, 16 Villepinte , France, 16 avril 2009 ­ LG Electronics (LG), leader mondial et l'un des principaux innovateurs technologiques de l'électronique grand public, a été récompensé 14 fois par deux des distinctions les plus prestigieuses de l'industrie du design : les prix du design Red Dot et iF (International Forum). LG a reçu le prix Red Dot 2009 pour le design de ses produits dans sept catégories,